[Testing] Added more authentication tests

Author: Jovert Lota Palonpon

app/Http/Controllers/Api/Auth/SessionsController.php

@@ -151,6 +151,11 @@ public function refresh()
      */
     public function signout() : JsonResponse
     {
+        $user = $this->guard()->user();
+
+        $user->auth_token = null;
+        $user->update();
+
         $this->guard()->logout();
 
         return response()->json(['message' => 'Successfully signed out']);

tests/Feature/Api/Auth/SessionsTest.php

@@ -12,11 +12,11 @@ public function a_user_can_be_identified()
     {
         $user = User::first();
 
-        $attributes = [
+        $payload = [
             'username' => $user->username,
         ];
 
-        $this->post(route('api.auth.identify'), $attributes)
+        $this->post(route('api.auth.identify'), $payload)
             ->assertStatus(200)
             ->assertSee($user->email);
     }
@@ -26,15 +26,52 @@ public function a_user_can_be_authenticated()
     {
         $user = User::first();
 
-        $attributes = [
+        $payload = [
             'username' => $user->username,
             'password' => 'secret'
         ];
 
-        $this->post(route('api.auth.signin'), $attributes)
+        $this->post(route('api.auth.signin'), $payload)
             ->assertStatus(200)
             ->assertJsonStructure([
                 'auth_token', 'token_type', 'expires_in'
             ]);
     }
+
+    /** @test */
+    public function a_user_can_view_itself()
+    {
+        $payload = array_merge($this->getDefaultPayload(), []);
+
+        $this->post(route('api.auth.user'), $payload)
+            ->assertStatus(200)
+            ->assertJson(_test_user()->toArray());
+    }
+
+    /** @test */
+    public function a_user_can_refresh_its_session()
+    {
+        $payload = array_merge($this->getDefaultPayload(), []);
+
+        $this->post(route('api.auth.refresh'), $payload)
+            ->assertStatus(200)
+            ->assertJsonStructure([
+                'auth_token', 'token_type', 'expires_in'
+            ])
+            ->assertJsonMissing([
+                'auth_token' => $payload['auth_token'],
+            ]);
+    }
+
+    /** @test */
+    public function a_user_can_signout()
+    {
+        $payload = array_merge($this->getDefaultPayload(), []);
+
+        $this->post(route('api.auth.signout'), $payload)
+            ->assertStatus(200)
+            ->assertJsonStructure([
+                'message'
+            ]);
+    }
 }

tests/Feature/Api/BaseTest.php

@@ -9,4 +9,16 @@
 abstract class BaseTest extends TestCase
 {
     use WithFaker, RefreshDatabase;
+
+    /**
+     * Get default request payload
+     *
+     * @return array
+     */
+    protected function getDefaultPayload()
+    {
+        return [
+            'auth_token' => _test_user()->auth_token,
+        ];
+    }
 }

tests/Feature/Api/UsersTest.php

@@ -45,16 +45,4 @@ public function a_user_can_view_a_user()
             ->assertStatus(200)
             ->assertJson($user->toArray());
     }
-
-    /**
-     * Get default request payload
-     *
-     * @return array
-     */
-    protected function getDefaultPayload()
-    {
-        return [
-            'auth_token' => _test_user()->auth_token,
-        ];
-    }
 }